<?php
session_start();
if($_SESSION['login']){
    include '../config/database.php';

    $con = mysqli_connect($dbhost,$dbuser,$dbpasswd,$dbname);

    $sqlname = $dbprefix.'users';

    $sqlcommand = "SELECT * FROM `".$sqlname."` WHERE `username` LIKE '".$_SESSION['username']."'";

    $result = mysqli_query($con, $sqlcommand);
    if (mysqli_num_rows($result) > 0) {
        while($row = mysqli_fetch_assoc($result)) {
            $truepwss = $row['passwd'];
        }
    }
    
    if(sha1($_SESSION['passwd']) == $truepwss){
        $raw = array("code" => 0 , 'data' => array('msg' => '登陆成功'));
        echo json_encode($raw , JSON_UNESCAPED_UNICODE);
        exit(1);
        
    }else {
        $raw = array("code" => 1 , 'data' => array('msg' => '用户名或密码错误'));
        echo json_encode($raw , JSON_UNESCAPED_UNICODE);
        exit(1);
    }

}
else {
    $raw = array("code" => 1 , 'data' => array('msg' => '用户名或密码错误'));
    echo json_encode($raw , JSON_UNESCAPED_UNICODE);
    exit(1);
}
?>